Blogs.Managing a Business

7 Considerations for Crafting an Online Privacy Policy

Rules of Conduct and Disclaimer

The SBA.gov site provides open, publicly accessible forums and communication tools for entrepreneurs and small business owners to learn, share, and discuss practical solutions to everyday business problems with each other, industry experts, and experts at government agencies.

By registering as a member of the SBA.gov, users may post to forums, blogs, and use other online resources for sharing information with other members. They may also share information about themselves and their businesses in their user profile.

These member-contributed resources and user profiles are moderated by the SBA team, which includes employees and contractors of the U.S. Small Business Administration and partner agencies.

Rules of Conduct

All member-contributed resources and user profiles are post moderated by the SBA team. Any contribution that does not meet these rules of conduct will be removed.

1. Comments and contributions to forum threads or blog posts should be descriptive, succinct, and relevant to discussion or forum topic.

1.a. To better facilitate conversation, moderators may move off-topic threads to another appropriate forum, close threads or delete off-topic posts at their discretion. Members may also start a new discussion that would otherwise be off-topic in the current thread.1.b. To maintain quality of discussions, contributions that do not provide a substantive purpose or relevance may be flagged by a moderator as abuse, and will be removed.

2. We encourage members to have open and candid discussions and debates. We will not censor members for expressing an opinion within the limits of these Rules of Conduct. However, all communications should be civil and polite. Members should treat each other with respect and consideration for all points of view. Please remember that this is a public venue read by many people of all ages, from around the world, spanning all walks of life.

3. SBA.gov may not be used to post, transmit or provide hyperlinks or pointers to material that is knowingly false and/or defamatory; contain ad hominem attacks, misleading, inaccurate, abusive, vulgar, hateful, harassing, obscene, profane, sexually oriented, threatening or invasive of a person's privacy; that otherwise violates any law; or that encourages conduct constituting a criminal offense.

4. Users are encouraged to discuss and share business knowledge and experiences. To ensure that all users will get the most out of the SBA.gov experience, the following linking policies are in effect to curb self-promotion and spam. Posts that do not adhere to these policies may have their links disabled or be removed.

4.a. SBA.gov may not be used to post, transmit or provide hyperlinks or pointers to press releases, newsletters, websites, or any other type of content that promote one's business, product or service or does not address the thread's topic. Members may include text-only references to relevant resources.4.b. Members may link to Federal, state, or local government websites for the purpose of sharing verified information.4.c. Members may use their profile page to share information about their business, products, or services, and may include only one (1) hyperlink to their commercial website.4.d. Members may include only one (1) link in their signature line. Any additional links to websites, social network profiles, or email addresses will be removed.

5. User names that might be deemed abusive, vulgar, hateful, harassing, obscene, profane, sexually oriented, threatening, invasive of a person's privacy, or otherwise inappropriate are not allowed and will be removed.

6. User names that are intended to mislead others will be removed. Such nicknames include but are not limited to using nicknames that impersonate competitors, other members, government employees, elected officials, or any other individual or entity.

7. Sock puppet accounts are not permitted. A sock puppet is an account made on an Internet message board by a person who already has an account for the purpose of posting anonymously or as a different user. Please use your own account for posting personal opinions. Posts from known sock puppet accounts will result in deletion of the posts and sock puppet accounts.

8. Email excerpts of any type or length are not allowed to be posted in forums, blogs or other tools.

9. To protect the privacy of members, and the privacy of others, members may not include anyone's personal information or personally identifiable information such as names, addresses, phone numbers or e-mail addresses, or social security numbers in any forum, blog, or other member contributed area.

10. Advertising: SBA.gov may not be used to advertise or promote businesses, products or services within the discussion boards, idea exchanges or blogs. Posts that contain pricing information will be considered abuse and removed from public view. Members may use their profile page to share information about themselves, their businesses, products, services and personal and professional background.

11. Intellectual property: SBA.gov may not be used to post material that is protected by copyright, trademark or other proprietary right without the express permission of the owner(s) of said copyright, trademark or other proprietary right.

12. Spam: Posting the same message, or an unsolicited commercial message, to one or many topics or boards is considered spam and will be removed. Duplicate messages may be deleted or consolidated by a Moderator.

13. Access Permissions:

13a. Certain portions of SBA are limited to registered users and/or allow a user to access services online by entering personal information. You must be at least 13 years old to become a registered user. If you are not at least 13, you will be removed from the registered area(s) and/or denied support or services if SBA does not receive written parental consent. As a term of registration, you agree that any information provided to us will be complete and accurate, that you will not register under the name of, nor attempt to enter the site under the name of, another person, and that you will not adopt a user name that SBA, in its sole discretion, deems offensive.13b. Abusive and harassing behavior or any actions that violate these Rules of Conduct may result in suspension of your ability to post to forums and other member-contributed areas. Account suspensions may be appealed to a Moderator.

14. Private discussions:Sometimes, a discussion thread strays off into a friendly dialogue or a heated debate among a very small number of users. For these exchanges, we ask that you take these discussions outside SBA.gov.

15. Blogging is forbidden: except as described in the Guest Blogger Guidelines, members may not blog or post blog-like messages on SBA.gov. The purpose of the SBA.gov is for small business owners to ask and answer questions. Discussing topics is encouraged, however excessive lecturing or commentary is prohibited.

User Profiles

Members may create personalized profiles, and opt to include personal identifiable information about themselves to everyone who visits SBA.gov. Except where noted above, the content of personal profiles is subject to the same Rules of Conduct as the forums, blogs and other member-contributed content.

The OMB Control Number for this collection is 3245-0375. The time required to complete this information collection is estimated to average 90 second per response. If you have any comments concerning the status of your individual submission, the accuracy of the time estimate or suggestions for improving this form, please write to: U.S. Small Business Administration, Office of Communications & Public Liaison, 409 3rd St. SW, Washington, D.C. 20024-3212.

Guest Contributors

Occasionally, the SBA team will invite guest bloggers from industry and government to contribute their expertise. Please read the disclaimer below concerning the views expressed in contributions from guest contributors.

Moderators

SBA.gov is moderated by the SBA team, which includes employees and contractors of the U.S. Small Business Administration and partner agencies. We recognize that the Web is a 24/7 medium, and your comments are welcome at any time. Given the need to manage Federal resources effectively, however, we will generally review comments and contributions from 8:00 a.m.-5:00 p.m. Eastern Time, Monday through Friday. We will read and respond to comments submitted after hours, on weekends, or on holidays as early as possible the next business day.

Privacy Policy

The privacy of users and members of SBA.gov is very important, and we encourage you to read the SBA Privacy Policy.

Disclaimer

You are accessing a U S Government information system, which includes (1) this computer, (2) this computer network, (3) all computers connected to this network, and (4) all devices and storage media attached to this network or to a computer on this network. This information system is provided for U.S. Government-authorized use only.

Unauthorized or improper use of this system may result in civil and criminal penalties.

By using this information system, you understand and consent to the following:

You have no reasonable expectation of privacy regarding any communications or data transiting or stored on this information system. At any time, the government may for any lawful government purpose monitor, intercept, search and seize any communication or data transiting or stored on this information system.

Any communications or data transiting or stored on this information system may be disclosed or used for any lawful government purpose.

Your consent is final and irrevocable. You may not rely on any statements or informal policies purporting to provide you with any expectation of privacy regarding communications on this system.

Except when specifically noted, any views or opinions expressed on SBA.gov forums, blogs or member-contributed resources are those of the individual contributors. The views and posted comments do not necessarily reflect those of the U.S. Small Business Administration, partner agencies, or the Federal government. Information on SBA.gov site is provided as a service to the Internet community, and does not constitute legal advice. SBA aims to provide quality and accurate information, but we make no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained in or linked to by SBA on the website. The SBA does not endorse the organizations sponsoring linked websites, and we do not endorse the views they express or the products/services they offer. The SBA cannot authorize the use of copyrighted materials contained in linked websites. Users must request such authorization from the sponsor of the linked website. The SBA is not responsible for transmissions users receive from linked websites. The SBA does not guarantee that outside websites comply with Section 508 (Accessibility Requirements) of the Rehabilitation Act. Since laws and regulations change frequently, nothing provided herein should be used as a substitute for the advice of an attorney.

7 Considerations for Crafting an Online Privacy Policy

If you are starting an online business, conducting email marketing, or interacting with your customers via your website, then you need to be aware of and adhere to online privacy policies.

What do online privacy policies accomplish? Why do you need one? Sometimes, it’s required, such as the statutes that govern email SPAM. Others are optional. In general, your online privacy policy is your company’s pledge to your customers about how you will use, not use, and protect the consumer data you collect from them. Check out SBA.gov’s own privacy policy as an example.

A privacy policy is not just lip service to your customers. You'll need to make sure your business follows the policy by implementing reasonable security measures to protect your customers' data. Failure to follow your business's privacy policy can result in costly legal fees.

The thing about online privacy policies is that they differ from business to business and must be tailored to fit each business’ needs. However, there are some general guidelines and laws to be aware of as you craft your policy.

1. Explain How You Collect and Use Personal Information

While not required by law (although the Federal Trade Commission prohibits any deceptive practices), creating a privacy policy is important if you want people to buy your products. This is particularly important if you are involved in e-commerce or if you collect information in surveys or marketing forms. Every customer has a right to know how you collect and use their information.

Online privacy policy generators (just run a search on that term and you’ll find them) can help you craft a policy. As you craft yours, be sure to clearly explain the following:

How You Share Customer Information – Customers need to know that their data will only be used to complete the transaction and that any further use of that data (including selling or distributing it) requires their consent.

Contact Information – Make it easy for your customers to contact you or file a complaint.

2.Display Your Privacy Policy – Make sure new customers or users have easy access to your policy by prominently displaying links to it (from your home page, product pages, and in the shopping cart). Remember, you want them to feel comfortable that you take their online security seriously.

3.Publish Your Email Opt-Out Policies – Include opt-out options in your email marketing (the CAN-SPAM Act requires it) and on your website so that your customers have the option of changing or canceling their email notices. Read more about opt-out and CAN-SPAM laws in SBA’s guide to Online Advertising Law.

5. Adhere to Your Policy – Adherence to your policy is important from the standpoint of both customer credibility and the law: the Federal Trade Commission will investigate complaints of unfair or deceptive practices. A case in point: its recent investigation of Facebook privacy practices. As new technologies emerge, such as mobile apps, online communities, and social media, be sure to update your privacy policy to align with any changes to the way you capture and protect consumer information.

6. Get a Seal of Approval – Third party validation of your online privacy and security policy can enhance your credibility. For a fee, these companies can help you create your privacy policy, or review your existing one, and conduct an annual audit to test your compliance.

7. Talk to an Expert – The Federal Trade Commission is constantly reviewing privacy issues. Areas such as cloud computing, mobile applications, social media, and other online services are increasingly coming under the spotlight. If you do most of your business online, talk to a lawyer who specializes in Internet or online law to determine whether your policies are adequate.

About the Author:

Caron Beesley is a small business owner, a writer, and marketing communications consultant. Caron works with the SBA.gov team to promote essential government resources that help entrepreneurs and small business owners start-up, grow and succeed. Follow Caron on Twitter: @caronbeesley

Comments:

angelmiami | 6/11/2012 - 7:48 pm

There are a few sites that will autogenerate them for you. I use legalriver. If you run a site that uses Google adsense then a privay policy is required to obide by the terms.

welearners | 5/20/2012 - 12:41 pm

Thank you for this post it really helped me out This post was edited to remove a link. Please review our Community Best Practices for more information about how best to participate in our online discussions. Thank you.

vstudents | 4/21/2012 - 10:24 am

Thank you for your sharing its helps me a lot.

jerome12 | 4/6/2012 - 2:49 pm

Succinctly pointed and explained. Personally, I would exercise more care and caution when it comes to e-commerce websites and websites owned by financial institutions and banks.
Besides cookie and privacy policies, recent experience on facebook privacy issues, Google redoing the entire privacy policies (that requires a lot of time and skilled legal staff), it is important to structure a privacy policy from a long term perspective.
Legally, one could approach a law firm but I believe privacy policies need to be linked to organizational structure so a lot is expected from the business/website owner as well. Thanks for the article.

AlexJC | 4/3/2012 - 5:57 am

The main question I have is why proper privacy policy is so important. I mean a friend of mine has several blogs and he simply copied PP page from some other websites and doesn't have any problems with that.

Leave a Comment

You must be logged in to leave comments. If you already have an SBA.gov account, Log In to leave your comment.

New users, Register for a new account and join the conversation today!